CVE-2016-0726

CRITICAL

9.8

CVSS Severity Score

EPSS Score0.0530%

EPSS Percentile3.99th

PublishedJun 6, 2017

Last ModifiedMay 13, 2026

Vulnerability Description

The Fedora Nagios package uses "nagiosadmin" as the default password for the "nagiosadmin" administrator account, which makes it easier for remote attackers to obtain access by leveraging knowledge of the credentials.

Affected Platforms (CPE)

📦

Nagios

All versions

References & Advisories

🔗 https://bugzilla.redhat.com/show_bug.cgi?id=1295446

Related Vulnerabilities

CVE-2002-195910.0

Nagios 1.0b1 through 1.0b3 allows remote attackers to execute arbitrary commands via shell metacharacters in plugin output.

CVE-2019-92039.8

Authorization bypass in Nagios IM (component of Nagios XI) before 2.2.7 allows closing incidents in IM via the API.

CVE-2018-171489.8

An Insufficient Access Control vulnerability (leading to credential disclosure) in coreconfigsnapshot.php (aka configuration snaps...

CVE-2019-91659.8

SQL injection vulnerability in Nagios XI before 5.5.11 allows attackers to execute arbitrary SQL commands via the API when using f...